Hello!
On Mon, 1 Mar 1999, FreeLSD wrote:
> po vsem punktam krome 6-go ponyatno...
> mozhno bolee podrobno o "tacacs like before/after authorisation" ?
That is, starting some external program when user is being authorized.
It can then do some useful fings (maplay /usr/lib/lamer_logon.mp3 :),
permit or deny authorization (based on exit code) and even change some
user av-pairs (attributes) by processing stdin to stdout.
May be, it would be useful to make PAM-aware radius server so it can use
existing pam-modules to access different aaa services without writting any
addtional code. Anyway, i think you should make some internal API to
develop new aaa modules. That would simplify future development.
May be it would be useful to include some perl_mod-like interface so each
user can simply add new functionality.
You can look at tacacs server 'tac+ia' to see what features people want
from aaa server. It can be ftp'd from ftp://ftp.east.ru.
С уважением, Даньков Михаил, г. Белгород.
ОАО "Деловая Телерадиокоммуникация" - партнер Глобал Один
тел./факс +7-(0722)-27-48-45
2:5037/9@fidonet HAM CALLSIGN: RK3ZWO
=============================================================================
"inet-admins" Internet access mailing list. Maintained by East Connection ISP.
Mail "unsubscribe inet-admins" to Majordomo@info.east.ru if you want to quit.
Archive is accessible on
